Mercurial > prosody-modules
comparison mod_firewall/scripts/spam-blocking.pfw @ 5531:af2778f4ee29
mod_firewall: scripts: spam-blocking.pfw: Add special handling for MUC invites
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 08 Jun 2023 11:28:56 +0100 |
| parents | bb60db2b2cd1 |
| children | 09311a8a3cfa |
comparison
equal
deleted
inserted
replaced
| 5530:8226ac08484e | 5531:af2778f4ee29 |
|---|---|
| 95 # and should be routed normally to handle MUC 'ghosts' correctly | 95 # and should be routed normally to handle MUC 'ghosts' correctly |
| 96 TO: <*>@<*>/<*> | 96 TO: <*>@<*>/<*> |
| 97 TYPE: groupchat | 97 TYPE: groupchat |
| 98 PASS. | 98 PASS. |
| 99 | 99 |
| 100 # Mediated MUC invitations are naturally from 'strangers' and have special | |
| 101 # handling. We lean towards accepting them, unless overridden by custom rules. | |
| 102 NOT FROM FULL JID? | |
| 103 NOT INSPECT: body | |
| 104 INSPECT: {http://jabber.org/protocol/muc#user}x/invite | |
| 105 JUMP CHAIN=user/spam_check_muc_invite | |
| 106 | |
| 100 # Non-chat message types often generate pop-ups in clients, | 107 # Non-chat message types often generate pop-ups in clients, |
| 101 # so we won't accept them from strangers | 108 # so we won't accept them from strangers |
| 102 NOT TYPE: chat | 109 NOT TYPE: chat |
| 103 JUMP CHAIN=user/spam_reject | 110 JUMP CHAIN=user/spam_reject |
| 104 | 111 |
| 136 | 143 |
| 137 JUMP CHAIN=user/spam_check_subscription_request_custom | 144 JUMP CHAIN=user/spam_check_subscription_request_custom |
| 138 | 145 |
| 139 ################################################################## | 146 ################################################################## |
| 140 | 147 |
| 148 #### Rules for MUC invitations ################################### | |
| 149 | |
| 150 ::user/spam_check_muc_invite | |
| 151 | |
| 152 # This chain can be used to inspect the invitation and determine | |
| 153 # the appropriate action. Otherwise, we proceed with the default | |
| 154 # action below. | |
| 155 JUMP CHAIN=user/spam_check_muc_invite_custom | |
| 156 | |
| 157 # Allow mediated MUC invitations by default | |
| 158 PASS. | |
| 159 | |
| 141 #### Stanzas reaching this chain will be rejected ################ | 160 #### Stanzas reaching this chain will be rejected ################ |
| 142 ::user/spam_reject | 161 ::user/spam_reject |
| 143 | 162 |
| 144 # This chain can be used by other scripts | 163 # This chain can be used by other scripts |
| 145 # and modules to override the default behaviour | 164 # and modules to override the default behaviour |
| 149 LOG=Rejecting suspected spam: $(stanza:top_tag()) | 168 LOG=Rejecting suspected spam: $(stanza:top_tag()) |
| 150 BOUNCE=policy-violation | 169 BOUNCE=policy-violation |
| 151 | 170 |
| 152 ################################################################## | 171 ################################################################## |
| 153 | 172 |
| 154 #### Stanzas that may be spam, but we're not sure either way###### | 173 #### Stanzas that may be spam, but we're not sure either way ##### |
| 155 ::user/spam_handle_unknown | 174 ::user/spam_handle_unknown |
| 156 | 175 |
| 157 # This chain can be used by other scripts | 176 # This chain can be used by other scripts |
| 158 # and modules to apply additional checks, or to | 177 # and modules to apply additional checks, or to |
| 159 # override the default behaviour | 178 # override the default behaviour |